Friday, April 18, 2008

The Justice Department next month will release baseline standards for the information-sharing capabilities of the more than 50 state and local intelligence fusion centers nationwide.

John Cohen, a spokesman for the Office of the Director of National Intelligence’s Program Manager for the Information Sharing Environment, said the baseline capability requirements will incorporate the role in the federal information-sharing environment laid out in the 2007 National Strategy for Information Sharing (NSIS). He added that much of the guidance is not new and that state and local authorities were involved in developing the directions, which will include additional guidance on privacy issues.

Also, on April 17 there was a hearing before the Senate Committee on Homeland Security and Governmental Affairs Ad Hoc Subcommittee on State, Local and Private Sector Preparedness and Integration. A few highlights from the testimony.

The general drift of the testimony was that progress is being made in sharing information, but some systemic and programmatic hurdles remain. The most significant of these, from the perspective of the fusion centers themselves, is the uncertainty of future funding streams.

Captain Charles Rapp, Director of the Maryland Coordination and Analysis Center, said that centers are still having trouble dealing with the quantity of information received - too much, too disorganized, not the right kind:

One of our greatest challenges is to expeditiously process the profusion of information to determine what is useful to our consumers.

It is also imperative that we make our federal partners understand that access to information does not necessarily equate to sharing information.

Another facet of this process is to educate state and local managers about what information they need and what they can expect from the fusion centers. Many state and local managers narrowly seek only tactical information, while ignoring a broader strategic analysis that could benefit their agencies.

And yet, when dealing with familiar, well-established categories of crimes, the fusion centers are doing pretty good:

Fusion centers are sharing more time sensitive information about organized criminal activities, gang-related activities and other information that previously may have only been shared in response to a specific request.

But in their interface with Joint Terrorism Task Forces, the fusion centers are not being treated as significant partners:

The FBI’s Joint Terrorism Task Forces have been reluctant to integrate fusion centers into their intelligence gathering operations. Instead, they continue to rely on state and local task force members to relay information to their agencies. This compartmentalization of information gathering and sharing is counter-productive and counter-intuitive to the fusion center concept.

Once the JTTF opens a case and investigates the information, it can either move forward as a classified case or be closed. This information is generally not reported back to the fusion centers. Other bits of information may not fit anything and may only be entered into a database. The fusion center may never know whether any of the information played a significant role in an investigation. Thus most of the success stories from information sharing have been anecdotal. We can quantitatively measure factors like how many calls are received per day, how many information requests are processed daily, the number of products produced, etc. However, I am not convinced that these measures will give you the true value of the centers or provide an accurate picture of their capabilities.

What's needed, Rapp argues, is a better process for prioritizing information so that everyone from the local level on up knows what to look for:

Baseline capabilities require a statewide threat assessment listing vulnerabilities and gaps from which prioritized collection requirements can be derived. Once the centers develop prioritized information needs, they can clearly communicate that to collectors. Collectors will then report back to the fusion centers enhancing the capacity of the state to detect potential precursors to terrorist activity. This should then be the focal point for federal agencies to synthesize their intelligence with any intelligence gathered on a local level. This is not happening.

The point was echoed by Matthew Bettenhausen, Homeland Security Director for California, who said:

However, more work needs to be done to better define the requirements of the Intelligence Community from State and local public safety agencies. Locals need clearer direction on the types of information that should be shared.

And yet in some operational respects, Bettenhausen said, things are improving - including the implementation of the HSIN, which I'vecriticized in the past.

At the operational level, fusion center analysts have been pleased with the Department of Homeland Security's deployment of the Homeland Security Information Network (HSIN), a system for sharing sensitive analytical products. Under Mr. Charlie Allen's leadership, the Department has improved both the timeliness and the quality of the HSIN products.

Even in the absence of solid direction, fusion centers are trying to innovate. For instance, to better capture information from local agencies, Rapp said Maryland has developed a regional structure:

Collection of information is another challenge for the local jurisdictions. In Maryland we realized that we were not capturing information from areas that were not in the Baltimore Metropolitan region. To counter that lack of information flow, we developed a regional plan. We currently have three regional centers operating in Hughesville, Salisbury and Frederick Maryland. Control of these centers is maintained locally and they are networked into our main center. The value of these centers is collecting local information that will benefit the participating agencies. The regional centers add value to the agencies within their area by providing crime information and identifying local patterns. They are tracing criminal activity and participants and looking for travel patterns within their communities and helping solve criminal incidents by linking associates and acts.

Fusion centers have also developed a network (a type of desired "network of networks") to share information about what's working.

Over the past two years the development of a Homeland Security Information Network State and Local Intelligence Portal Community of Interest (HS SLIC) has become a vital link and extremely beneficial tool for the fusion centers. ... The connectivity of the states within this portal is very effective and allows members to exchange information within a secure environment.

DHS Under Secretary for Intelligence and Analysis Jack Tomarchio also had good things to say about HS SLIC:

DHS sponsors the Homeland Security State and Local Intelligence Community of Interest (HS SLIC), a virtual community of intelligence analysts from across the country -- currently, 1,000 members from 42 states, the District of Columbia, and six federal departments. Through the HS SLIC, intelligence analysts across the country collaborate via weekly threat conference calls, analytic conferences, and a secure Web portal for intelligence information sharing at the sensitive-but-unclassified level.

Federal agencies, to their credit, are trying to involve state and local officials, via pilot projects. GAO's Eileen R. Larence, Director of Homeland Security and Justice Issues, reported:

As of March 2008, four state and local law enforcement representatives had been detailed to the ITACG to provide a nonfederal perspective to the intelligence community in its situational and threat reporting and intelligence products, by, for example, requesting changes to report language to better address state and local needs. According to one of the representatives, these changes have involved requesting that specific tactical information be included in reports or that, where possible, the security classification of a report be lowered so that it could be disseminated more broadly to state and local officials. While these efforts to improve the quality and flow of information to state and local users are promising, it is too soon to determine the extent to which they will address the challenges in accessing and managing information reported to us by fusion center officials.

Over a six month period, DHS I&A undertook a pilot project, working with six of our fusion center partners to examine their day-to-day information needs. By working with I&A deployed personnel, assigned pilot personnel within I&A headquarters and most importantly our state and local partners, I&A was able to develop a precise set of information needs.

And yet, hanging over all of this is a concern about funding. As indicated above and by manyothersources, the fear that fusion centers will become an unfunded mandate is a major concern. Rapp, Maryland's center director, is concerned:

However, without a consistent funding stream some centers may never attain the core capabilities. ... This year, my funding has not been released. Aside from funding contractual analysts, I have no funds to spend on operational needs. This makes planning and developing baseline capabilities difficult.

[I]nconsistent guidance (Information Bulletins 235 and 281) regarding the use of federal funds under the State Homeland Security and Urban Area Security Initiative Grant programs has been extremely counterproductive and detrimental to State and local efforts to build and sustain a network of fusion centers.

[S]ome fusion center officials raised concerns at the national fusion center conference [in Feb 2008] about how specifically the federal government was planning to assist state and local governments to sustain fusion centers. For example, whether federal funding for fusion centers would continue to be available through DHS’s homeland security grant program or whether in the future there would be fusion-center specific funding has yet to be determined.

On the contentious issue of security clearances, the hearing produced more confusion than clarity. On the one hand, DHS' Jack Tomarchio said the clearances backlog is, well, clear:

When I arrived at DHS from the private sector two and half years ago, the wait time to receive even a Secret-level clearance was nearly two years and the backlog of applicants was enormous. Thanks to the efforts of the DHS and I&A Offices of Security, we have dramatically reduced the amount of time it takes to grant those clearances and nearly eliminated the backlog.

Both DHS and the FBI have provided security clearances for state and local personnel and set timeliness goals for granting clearances. However, officials cited challenges obtaining and using clearances. Obtaining and using security clearances represented a challenge for 44 of the 58 centers we contacted, which could limit their ability to access and use some information. In addition, while law and executive order provide that a security clearance granted by one federal agency should generally be accepted by other agencies, officials in 19 of the centers encountered difficulties with federal agencies, particularly DHS and the FBI, accepting each others’ clearances. DHS and DOJ officials reported that they were not aware of recent fusion center challenges with reciprocity of clearances.

Security clearances - both in terms of availability and proper level - remain an issue for State and locals. Perhaps the most recent and best example I can provide you with, is the classification of the new Presidential Homeland Security Directive regarding cyber security at the Top Secret level. Unfortunately, the Department has not recognized the need to issue Top Secret clearances to State and local public safety officers - even those whom bear the responsibility of implementing national security directives.

All things considered, it's a mixed bag. The biggest concern still seems to be a clear demonstration of a level of commitment to the concept and to the centers.